Re: AllowUsers issue

On 1/18/06, Roberto Gallo <robertogallofilho@xxxxxxxxxxx> wrote:

Hi Roberto,

> I have an FC3 system using OpenSSH and would like to allow only one user to
> login.
> This way, I have changed the file /etc/ssh/sshd_config at 3 different
> points:
>
> 1) Added: "Protocol 2"
> 2) Toggle: "AllowPAM no"
> 3) Added: "AllowUsers myuser"
>
> Then, I executed: "/usr/sbin/sshd"
>
> Even after that, I could login with a different user than "myuser". What did
> I do wrong?

You forgot to mention the DenyUsers part:

DenyUsers '*'
AllowUsers myuser

Regards,

--
[vl@dimir]#

Relevant Pages

  • AllowUsers issue
    ... I have an FC3 system using OpenSSH and would like to allow only one user to login. ... I could login with a different user than "myuser". ...
    (SSH)
  • Re: [RFC][PATCH 0/9] Network receive deadlock prevention for NBD
    ... openssh or some other priveledge separation protocol to the machine due ... if there is any remote management that we absolutely require to be ... the time being since we don't actually know of any such mandatory login ... unix sockets require page sized allocation frequently which will endup ...
    (Linux-Kernel)
  • Re: Upcoming OpenSSH vulnerability
    ... openssh that do not have privelege seperation. ... Theo de Raadt claims there is a potential remote root hole ... seems very likely that it would NOT require a valid login to exploit, ...
    (comp.security.ssh)
  • Re: Upcoming OpenSSH vulnerability
    ... openssh that do not have privelege seperation. ... Theo de Raadt claims there is a potential remote root hole ... seems very likely that it would NOT require a valid login to exploit, ...
    (comp.security.ssh)
  • Signal 1, Name stays on "who" list under Linux
    ... I'm not too sure if this is off topic, it might be a bug in sshd which is ... OpenSSH v3.4p1, SSH protocols 1.5/2.0 ... 1> connect to the linux box via SSH client and login as any user ... To get past step 2 you have to enter root password, ...
    (comp.security.ssh)